Last post Dec 17, 2015 04:48 PM by PatriceSc
Sep 29, 2015 02:30 AM|Niggi28|LINK
I'm coding a webform (just for fun) and I created a cookie, which saves the inputs. I learnd, that the cookie saves everything in plaintext, including the password. Is there a possibility to make the cookie save the password "unreadable"?
Sep 29, 2015 02:42 AM|Mukesh_Kumar|LINK
Here if you want to make your cookie, does not use by anyone ... than you should use encryption.
use this code..
private static void SetEncryptedCookie(string name, string value)
var encryptName = SomeEncryptionMethod(name);
Response.Cookies[encryptName].Value = SomeEncryptionMethod(value);
//set other cookie properties here, expiry &c.
//Response.Cookies[encryptName].Expires = ...
private static string GetEncryptedCookie(string name)
//you'll want some checks/exception handling around this
For more refer this link..
Mark as answer if it will help you.
Sep 29, 2015 03:02 AM|Nan Yu|LINK
Hi Niggi ，
Is there a possibility to make the cookie save the password "unreadable"?
It's not secure to store passwords in cookies because they are available as plain text. In ASP.NET , we could use forms authentication to let you authenticate users by using your own code and then maintain an authentication token in a cookie or in the page
The second argument's value determines if the cookie is persistent .
For more details ,you could refer to links below:
Dec 17, 2015 04:48 PM|PatriceSc|LINK
#1 you could encrypt the value but then you are doing things the other way round that is you choosed an option and then try to mitigate an issue caused by this possibly bad choice
#2 or go back to what you want. Do you need it client side (as cookies are a client side storage)? Do you even need to store the password?
(I understand you may just want to learn about cookies but even though it's a good exercise to first look at your goal and choose the right tool)